DISENTANGLING THE CONCEPT OF INFORMATION SECURITY PROPERTIES - ENABLING EFFECTIVE INFORMATION SECURITY GOVERNANCE

Authors

Michael Bitzer, FIM Research Center - University of AugsburgFollow
Nicolas Brinz, University Medical Centre of RegensburgFollow
Philipp Ollig, University of BayreuthFollow

Paper Number

1719

Abstract

The hyper-dynamic, global adoption of digital technologies due to the Covid-19 pandemic and the increasing digitalization of business models necessitate a dialogue on fundamental concepts that assist organizations in defining appropriate requirements for their information security measures. The definition of information security properties (ISPs) represents a widely used approach to describe the security needs of business assets in an understandable manner. However, academia and practice lack a consensus on underlying concepts and definitions. Here, we eliminate prevailing inconsistencies in definitions of ISPs by synthesizing the available literature. By extending the most common information security concept – i.e., the Confidentiality, Integrity & Availability (CIA) Triad – we disentangle the interrelations between various ISPs. Our results enhance the understanding of relevant ISPs and their interrelations, support organizations’ information security strategies, and deliver valuable impulses to stimulate further research concerning the influence of organizational characteristics on ISP prioritizations.

Recommended Citation

Bitzer, Michael; Brinz, Nicolas; and Ollig, Philipp, "DISENTANGLING THE CONCEPT OF INFORMATION SECURITY PROPERTIES - ENABLING EFFECTIVE INFORMATION SECURITY GOVERNANCE" (2021). ECIS 2021 Research Papers. 134.
https://aisel.aisnet.org/ecis2021_rp/134